Ivanti Sentry’s CVE-2026-10520 Enables Root RCE
CVE-2026-10520 is a critical OS command injection vulnerability in Ivanti Sentry that can allow a remote, unauthenticated attacker to execute commands as root on vulnerable appliances. The issue is reachable over the network with no credentials or user interaction, and it carries a critical severity score.
Ivanti has released fixed versions, and third-party reporting suggests public Proof-of-Concept (PoC) activity may exist, which could increase the likelihood of fast attacker adoption. This post breaks down what’s confirmed, who is affected, and what defenders should do right now.
What Is CVE-2026-10520?
CVE-2026-10520 (CVSS 10.0) is an OS command injection flaw (CWE-78) affecting Ivanti Sentry. In practical terms, command injection means an attacker can send crafted input that the appliance mistakenly passes into a system-level command, leading to attacker-controlled command execution.
The published impact is root-level remote code execution (RCE). On an appliance like Sentry, root execution typically implies full control of the system, including configuration, stored credentials, and any integrated authentication or directory connections.

Details of CVE-2026-10520 (SOCRadar Vulnerability Intelligence)
Ivanti Sentry often sits in a sensitive position in enterprise environments, acting as a control point for mobile and device access. That placement can amplify the downstream impact if the appliance is compromised.
Which Ivanti Sentry Versions Are Affected?
Ivanti Sentry versions before the following fixed releases are affected:
- R10.5.2
- R10.6.2
- R10.7.1
If you run Sentry and are not on one of those versions (or later in the same branch), treat the system as potentially vulnerable until confirmed otherwise via your internal asset and patch records.
How Does Exploitation Work in Practice?
At a high level, exploitation involves sending a request to a Sentry-exposed attack surface that triggers unsafe construction or execution of operating system commands. Because the issue is categorized as OS command injection, the typical failure pattern is insufficient input sanitization or improper neutralization of special characters before invoking a shell or command runner.
What is not confirmed is the concrete exploitation path, including:
- the exact vulnerable endpoint or service
- the specific parameter or input vector
- whether any non-default configuration is required
That lack of detail does not reduce urgency. For defenders, the key operational reality is that the vulnerability is rated for unauthenticated network exploitation and results in root RCE, which is enough to drive emergency patching decisions.
What About Proof-of-Concept Exploits?
Researchers at watchTowr Labs published technical analysis and a public PoC for CVE-2026-10520 (and a related CVE, CVE-2026-10523).
Is There Evidence of Active Exploitation?
- There is no confirmed exploitation in the wild from authoritative sources.
- A CISA ADP enrichment snapshot recorded "Exploitation: none" at the time it was taken.
- Secondary reporting indicates Ivanti was not aware of customer exploitation at disclosure time.
- The CVE is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog according to the referenced secondary source, though KEV status can change.
This should still be treated as an urgent patching event. Internet-reachable, unauthenticated RCE vulnerabilities often move from disclosure to opportunistic scanning quickly, especially when exploit tooling becomes broadly available.
What Is the Real-World Impact If Sentry Is Compromised?
Root-level RCE on Ivanti Sentry can enable actions such as:
- dumping sensitive configuration data and secrets stored on the appliance
- extracting credentials used for directory services, proxies, or integrations (depending on environment)
- modifying access control behavior to weaken device and user enforcement
- establishing persistence through new services, scheduled tasks, or backdoors
- pivoting into internal networks if the appliance has trusted network placement
Because Sentry appliances often integrate with identity and device management workflows, defenders should view compromise as more than a single system outage. It can turn into an identity and lateral movement problem quickly.

SOCRadar’s Vulnerability Intelligence
Critical flaws are only part of the challenge; understanding where they matter most is just as important. SOCRadar Cyber Threat Intelligence, including Vulnerability Intelligence, helps defenders track newly disclosed issues, exploitation trends, and patch-related developments so they can assess risk faster. With support from Attack Surface Management (ASM), organizations can also identify exposed external assets and better understand which systems may require immediate attention.
What Should Defenders Do Now?
Patch Immediately
Upgrade Ivanti Sentry to a fixed release:
- R10.5.2
- R10.6.2
- R10.7.1
Prioritize any Sentry instance that is internet-exposed or reachable from less-trusted networks.
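One way to apply the version rule from the affected-versions list and this patch list across an inventory, as an added example rather than anything from the post or from Ivanti: each build is compared only against the fixed release of its own branch, builds on branches older than R10.5 count as affected, and, as my own assumption, branches newer than every listed fixed release are reported as unknown. The sample inventory is constructed.

```python
import re

_VERSION_RE = re.compile(r"^R(\d+)\.(\d+)\.(\d+)$")


def parse_version(text):
    """Turn a Sentry version string such as 'R10.6.1' into (major, minor, patch)."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Sentry version string: {text!r}")
    return tuple(int(x) for x in m.groups())


# Fixed Ivanti Sentry releases named in the post, keyed by (major, minor) so a
# build is compared only against the fixed release of its own branch.
FIXED_BY_BRANCH = {parse_version(v)[:2]: parse_version(v)
                   for v in ("R10.5.2", "R10.6.2", "R10.7.1")}


def assess(version):
    """Classify one build as 'patched', 'vulnerable' or 'unknown'.

    'vulnerable': below the fixed release of its own branch, or on a branch
    older than the oldest fixed branch (R10.5). 'unknown' is an assumption for
    branches newer than every listed release; confirm those with the vendor.
    """
    current = parse_version(version)
    branch = current[:2]
    if branch in FIXED_BY_BRANCH:
        return "patched" if current >= FIXED_BY_BRANCH[branch] else "vulnerable"
    if branch < min(FIXED_BY_BRANCH):
        return "vulnerable"
    return "unknown"


def triage(inventory):
    """Group hostnames by assessment; inventory maps hostname -> version string."""
    grouped = {"patched": [], "vulnerable": [], "unknown": []}
    for host, ver in sorted(inventory.items()):
        grouped[assess(ver)].append(host)
    return grouped


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts or real deployment data.
    sample = {"sentry-dmz-01": "R10.6.1", "sentry-lab-02": "R10.7.1",
              "sentry-old-03": "R10.4.3", "sentry-new-04": "R10.8.0"}
    for status, hosts in triage(sample).items():
        print(f"{status:10s} {', '.join(hosts) or '-'}")
```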
Reduce Exposure While You Patch
If your patch process requires time, focus on shrinking the reachable attack surface:
- Restrict management and service access to trusted administrative networks only.
- Enforce segmentation so Sentry is not directly reachable from the internet unless it must be.
- Add temporary controls at the edge (firewall, reverse proxy policies) to limit who can reach the appliance. Without the exact endpoint details, filtering will be imperfect.
Hunt for Signs of Compromise
Because concrete IOCs and vulnerable endpoint details are not yet publicly confirmed, use broad, behavior-based checks:
- review web and system logs for unusual request patterns and spikes in 4xx or 5xx responses
- look for unexpected outbound connections from the appliance
- check for newly created users, scheduled tasks, startup scripts, or modified binaries
- validate integrity of key configuration areas against known-good baselines or backups
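As an added example of the 4xx/5xx spike check in the hunting list above (my own code, not SOCRadar's or Ivanti's), this script buckets error responses per client per minute over access-log lines and flags any bucket that reaches a threshold. The log format is Apache combined style, and the sample lines, IP addresses and request paths are constructed placeholders, not Sentry endpoints.

```python
import re
from collections import Counter
from datetime import datetime

# Apache/nginx "combined"-style access log; only client, timestamp and status matter here.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) '
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return (client, minute_bucket, status) or None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], TS_FMT)
    return m["client"], ts.replace(second=0), int(m["status"])


def error_spikes(lines, threshold=5):
    """Count 4xx/5xx per (client, minute); return buckets at or above threshold as
    (client, minute_iso, errors, total_requests), largest first. Bad lines are skipped."""
    errors, total = Counter(), Counter()
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        client, minute, status = parsed
        total[(client, minute)] += 1
        if status >= 400:
            errors[(client, minute)] += 1
    hits = [(client, minute.isoformat(), n, total[(client, minute)])
            for (client, minute), n in errors.items() if n >= threshold]
    return sorted(hits, key=lambda h: h[2], reverse=True)

# Constructed sample log (documentation IP ranges, placeholder paths, not Sentry
# endpoints): one client bursting 500s within a minute, normal traffic, one bad line.
SAMPLE_LOG = [
    f'203.0.113.7 - - [12/Mar/2026:10:15:{s:02d} +0000] "POST /example HTTP/1.1" 500 0'
    for s in range(0, 60, 10)
] + [
    '198.51.100.20 - - [12/Mar/2026:10:15:05 +0000] "GET / HTTP/1.1" 200 512',
    '198.51.100.20 - - [12/Mar/2026:10:16:05 +0000] "GET / HTTP/1.1" 404 0',
    'not an access log line',
]

if __name__ == "__main__":
    for client, minute, n_err, n_total in error_spikes(SAMPLE_LOG):
        print(f"{minute} {client}: {n_err} errors out of {n_total} requests")
```

Tune the threshold to your own baseline; the point is a per-source, per-window view rather than a single global error rate.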
If you suspect exploitation, treat the device as potentially fully compromised and follow your incident response process for containment, credential rotation, and restoration from a known-good state.
